10th International Workshop on Socio-Technical Aspects in Security
September 2020, Guildford, United Kingdom

Affiliated with the 25th European Symposium on Research in Computer Security (ESORICS 2020)

UPDATE: After evaluating the ongoing COVID-19 situation, the decision has been made to run ESORICS 2020 and the associated workshops as an online event. Therefore, STAST 2020 will take place as entirely virtual.

Stay connected






Socio-Technical Aspects in Security and Trust.
10th International Workshop STAST 2020, Virtual Event, September 14, 2020, Revised Selected Papers.
Thomas Groß and Luca Viganò (eds.), Springer.
ISBN: 978-3-030-79318-0

The proceedings are available at SpringerLink.

Mailing List

We invite you to subscribe to our socio-technical security mailing list


The term "socio-technical" means a reciprocal relationship between technology and people.


Successful attacks on information systems often combine social engineering practices with technical skills, exploiting technical vulnerabilities, insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve security, technology must adapt to the users, because research in social sciences and usable security has demonstrated that insecure behavior can be justified from cognitive, emotional, and social perspectives. However, also adherence to reasonable security policies and corresponding behavioral changes should augment and support technical security.

Finding the right balance between the technical and the social security measures remains largely unexplored, which motivates the need for this workshop. Currently, different security communities (theoretical security, systems security, usable security, and security management) rarely work together. There is no established holistic research in security, and the respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions.


The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences.


STAST is a one day workshop.